#!/usr/local/bin/php

<html>
<head>
<meta name="keywords" content="quantitative trust management, QTM, trust, trust management, reputation, reputation management, wikipedia, vandalism, STiki, computer and information science, computer science, computer, information, science, distributed systems, UPenn, university of pennsylvania, p2p, keynote, delegation, quantifier, transitive trust, trust evaluation, systems">

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="../style.css" type="text/css">

<title>QTM: Autonomous System Reputation (AS-CRED)</title>

<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-11707729-2");
pageTracker._trackPageview();
} catch(err) {}
</script>

</head>
<body>
  
<table width=100%  height=100% border="0" cellspacing="0" cellpadding="0">
  <tr height=100%><td bgcolor=#011F5B valign=top width="200">

<!----------- Left Bar ----------->
<div id="leftbar">
<a href="http://www.seas.upenn.edu/"><img src="../penn-eng-logo.gif"  alt="Penn Engineering" width="200" height="80" border="0"></a>
<hr><br><br>
<ul>
 <li><a href="index.php3"><span>Home</span></a></li>
 <li><a href="personnel.php3"><span>Personnel</span></a></li>
 <li><a href="publications.php3"><span>Publications</span></a></li>
 <li><a href="summary.php3"><span>Summary Slides</span></a></li>
 <li><a href="p2psim.php3"><span>TM/RM Simulator</span></a></li>
 <li><a href="quantm.php3"><span>QuanTM Framework</span></a></li>
 <li><a href="wiki_vandal.php3"><span>Wikipedia Vandalism</span></a></li>
 <li><a href="as-cred.php3"><span>AS Reputation (AS-CRED)</span></a></li>
 <li><a href="http://rtg.cis.upenn.edu/TrustForge/index.php3"><span>TrustForge</span></a></li>
 <li><a href="http://rtg.cis.upenn.edu/muri-trust/wiki/index.php" onClick="javascript: pageTracker._trackPageview('/outgoing/internal_wiki'); "><span>Internal Wiki</span></a></li>
</ul>
</div>
</td><td valign=top>

<!----------- Right Content ----------->
<div id="content">

<!----------- Top Bar ----------->
<div id="topbottombar"> 
<a href="http://www.cis.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_cis'); ">CIS Home</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://www.seas.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_seas'); ">Penn Engineering</a>&nbsp;&nbsp;|&nbsp;&nbsp;  
<a href="http://www.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_univ'); ">Penn</a>
</div>

<br>

<!----------- Title ----------->
<div id="titlename">
<table><tr><td>QTM: Autonomous System Reputation (AS-CRED)</td></tr></table>
</div>

<br><br>

<!----------- Main content ----------->
<div id="main"><br><br>


<TABLE WIDTH="550"><TR><TD>

The Border Gateway Protocol (BGP) is the standard communication
protocol for interconnecting large IP domains, called Autonomous Systems
(AS). BGP operates by exchanging updates between ASes; which contains
reachability information for prefixes (IP address blocks). The current
design of BGP implicitly requires the existence of complete trust between
ASes exchanging BGP routing information, which is a cause for concern given
the tendency of many ASes to announce invalid BGP updates for some or all of 
their prefixes. 

<P>

A <I>valid</I> update is defined as satisfying two conditions:
(1)<B> Accuracy </B>: it provides accurate routing information (<EM>e.g.</EM>, 
prefix hijacking), and (2)<B> Necessity </B>: the update itself is necessary for 
the correct operation of the Internet (<EM>e.g.</EM>, it is not part of a sequence 
of short duration prefix announcements and withdrawals). Much work has been done 
in detecting occurrence of invalid updates in the Internet. These solutions however 
are limited to detecting inaccurate updates (<em>e.g.</em>, prefix hijacking), none 
of them are designed to address the necessity aspect of update validity.

<P>

In order to remedy this situation, we have developed AS-CRED, a reputation 
management and alert service for Autonomous Systems. It quantifies the level of 
"cred"(trust) one can have in an AS' tendency to announce valid updates.
Trust in AS-CRED is represented using a predictive metric called <EM> reputation </EM>.
To compute the reputation of an AS, AS-CRED analyzes the updates announced by the AS,
over a time-window based on well-defined properties, provides feedback to a reputation
function which computes the reputation value. The reputation values thus computed are used
for triggering alerts for any BGP updates received from then on which are predicted to be
invalid based on the reputation of the ASes which announced them.

<P>

AS-CRED service has many uses: (1) <B> Behavior Metric</B>: Its association of
an objective and global trust metric with every observable AS in the Internet allows
ASes to not only know about other ASes but also how it itself is perceived.
AS can now make better informed decisions in dealing with others and tuning
their business, traffic, scalability or security policies, accordingly; (2)
<B> White-List</B>: One of the byproducts of reputation computation
is a white-list of AS-prefix pairs which are legitimate (stable and legal).
The white-list can be used by ASes for tuning their import and export policies:
(3) <B> Expanded Alert Service</B>: The alert mechanism is unlike any existing
alert systems available, in that: (a) it provides an alert for both inaccurate
and unnecessary updates announced, (b) it provides the reputation value for the
AS involved along with the alert, which is very useful for understanding the
behavior of ASes, and (c) the reputation and alerts can provide effective 
diagnostic and forensic tool to debug network connectivity issues at Internet
scale; (4) <B> Incentivization</B>: The availability of reputation has the 
potential to provide an incentive for ASes to improve their behavior in the future.

<P>
Interested readers should check out the documents below: 

<P>
<UL>

<LI><A HREF="doc/Trust2011.PDF"); "><span>AS-TRUST: A TRUST QUANTIFICATION SCHEME FOR AUTONOMOUS SYSTEMS IN BGP</span></A> (Trust'11) - This paper extends the AS-CRED work by considering not only invalid AS-prefix binding but also the presence of valley paths and unstable AS-links in the computation of reputation value for Autonomous Systems. Further, unlike AS-CRED the reputation value computed is normalized and has a probabilistic meaning, providing a complementary (and extended) view of AS reputation.
<P>

<LI><A HREF="doc/Tech-Report-MS-CIS-10-17.pdf"); "><span>AS-CRED: REPUTATION SERVICE FOR TRUSTWORTHY INTER-DOMAIN ROUTING</span></A> University of Pennsylvania Technical Report, CIS-MS-10-17, April, 2010 (Submitted to ACM IMC '11) - The paper presents: (1) a reputation service for ASes, characterizing their trustworthiness to announce valid updates; (2) a set of well-defined properties for analyzing AS behavior; (3) a simple reputation function and feedback mechanism; (4) a reputation portal which regularly publishes AS reputation; and (5) a reputation-based alert service which tracks potentially invalid updates in the Internet. Detailed analysis of AS-CRED demonstrates: (a) AS behavior is repetitive making reputation an effective trust metric, and (b) AS-CRED's alerts for invalid updates show dramatic improvement over existing and similar alert systems.
<P>

<LI><A HREF="ascred/"><span> AS-CRED: REPUTATION PORTAL AND BGP ALERT SERVICE</span></A> - A service that provides an reputation repository and alert service for the Autonomous Systems in the Internet. It consists of: (1) a list of five ASes with worst reputations with repect to annoucing unnecessary and inaccurate BGP updates for that day, (2) a query service for obtaining the current reputation values for any active AS in the Internet, and (3) an alert service which records the instances of announcement of potentially inaccurate, unnecessary or new (heretofore) unseen updates.
<P>

<LI><A HREF="doc/ASCRED_slides.pdf"><span> SLIDES </span></A> - Presented at the MURI Option Review Meeting held on June 10, 2010 at the University of Pennsylvania, Philadelphia, PA.
<P>
</UL>
<P>

<BR><BR>

</TD></TR></TABLE>

</div>

<!----------- Bottom Bar ----------->
<div id="topbottombar">

<a href="http://www.cis.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_cis'); ">CIS Home</a>&nbsp;&nbsp;|&nbsp;&nbsp; 
<a href="http://www.seas.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_seas'); ">Penn Engineering</a>&nbsp;&nbsp;|&nbsp;&nbsp;  
<a href="http://www.upenn.edu/" onClick="javascript: pageTracker._trackPageview('/outgoing/penn_univ'); ">Penn</a>

</div>

</div><!-- End right content -->

</td></tr></table>

</body>
</html>